Reuters was yesterday hit by malvertising inserted on its site by the Syrian Electronic Army (SEA), just days after the group attacked the Sunday Times and the Sun.
Targeting adverts provided by Israeli agency Taboola, the attack redirected users to a message demanding the news wire stop publishing "fake" reporta on Syria, identical to that posted on News UK's websites last week.
Confirming the breach Adam Singolda, chief executive of Taboola said: "While we use two step authentication, our initial investigation shows the attack was enabled through a phishing mechanism.
"We immediately changed all access passwords, and will continue to investigate this over the next 24 hours."
The attack was estimated to last an hour, but was resolved 35 minutes after being detected, and Reuters has since been working as usual.
"UK government is supporting the terrorists in Syria to destroy it," SEA said in its message. " Stop spreading its propaganda."
Sympathetic to Syrian president Bashar al-Assad, SEA are thought to be a young group of Syrians living both inside and outside the state, who regularly attack Western media groups they perceive to be hostile to Assad's regime.
Reuters was targeted by the hacking group last year when it seized control of the news wire's Twitter account, posting political cartoons in support of Assad. The year before a similar attack also took place.
Malvertising luring users into ransomware attacks was discovered earlier this month on websites belonging to Disney, Facebook and the Guardian earlier this month, in what appears to be an increasingly common attack strategy.